New Exploit Samples

New exploit code is available and circulating for vulnerabilities in OpenBase on OS X (local root exploits), and for the current XMLHTTP and WMI Object Broker ActiveX control vulnerabilities. Exploit code had previously only been available to a limited number of individuals (mainly attackers), and the recent change has been the public availability of this code from a number of sites.

Administrators and users who are seeking to defend against these attacks should be able to find appropriate IDS/IPS signatures and antivirus definitions updates from their respective vendors. It should be understood that exploits that have been heavily obfuscated before use may not be detectable, even with these protection mechanisms in place.